In this respect, creating a strong password policy - one that would enforce the creation of complex, “hard-nut-to-crack” type of login credentials - is one the best and the easiest ways to secure Drupal on the user's side.Ĭome up with a policy that defines specific requirements for setting up passwords of high enough entropy (letters, uppercase/lowercase, symbols, different characters combos).Īnd don't hesitate to rely on dedicated Drupal modules for enforcing those requirements defined in your policy:ĥ. Since it's not just the admin (you do have a smart username and password for logging into your admin dashboard, don't you?) that will log into your Drupal site, but users, too, implementing some strong user-side security measures is a must. Identify them and remove them! It won't take more than just a few priceless minutes of your time. lingering there, using your site's resources and risking to grow into an exploitable backdoor for hackers? That have grown outdated and that are just. So, don't be one of those site owners! Are there modules on your site that you no longer use? ignore the Drupal security threat that an outdated piece of code (or an unused module) could turn itself into, once exploited by an attacker.underrate the importance of running a regular module usage audit on their sites.Remove Unused Modules: One of the Easiest Ways to Secure Drupalīeing the “easiest” security measure to implement doesn't make it also “the most popular” among Drupal site owners. Take some time to weigh and to compare their features.ģ. to locking down your site from security threatsĪs for their selection, it depends greatly on your list of priorities when it comes to improving your site's security.Therefore, I promise to delve deep into details about each one of the here-listed modules in my next post:ĭownloading, installing security modules on your Drupal site is both:Īnd they serve a wide range of purposes, from: Luckily, you're definitely not out of options when it comes to good security modules in Drupal.Īnd I'm only going to run a short module inventory here, since I'm already preparing a blog post focused precisely on this topic. Strengthening the shield around your Drupal site with some powerful Drupal security modules is another both handy and effective measure that you, yourself, can easily implement. prevent any identified vulnerability from growing into a conveniently easy to access backdoor for hackers to get in.seal any security loopholes in your Drupal core.if there are any critical security updates that you're advised to run, just click “Update”.scroll down to “Reports” → “Available Reports”. ![]() Since to run the latest updates you only need to: As simple as that!Īnd where do you add that this is one of those Drupal security best practices that's the easiest to integrate into your routine. Keep your Drupal version updated: apply security patches as soon as they get released, avoiding to leave your site exposed and exploitable. Not only is this one of the simplest ways to secure Drupal, but one of the most effective ones, as well.Įven so more now, with the Drupalgeddon2 Drupal security threat still fresh in our memory, ignoring the regularly released security updates for both Drupal core and its modules is just plain recklessness or. Keep Your Drupal Core and Modules Updated Now, using keywords such as “security measures”, “quick”, “easy” and “handy”, I've come up with a list of 7 basic steps that any Drupal site owner can (and should) take for locking down his/her website.ġ. “Which are the most basic steps to take and the simplest best practices to adopt to harden my Drupal site's security myself?” ![]() Even so, with the menace of a cryptocurrency mining attack still lurking around the unpatched websites, you legitimately ask yourself: what are some quick and easy ways to secure Drupal? You have patched your Drupal website, haven't you? If so, then that critical 3-month-old security flaw, Drupalgeddon2, can't get exploited on your site.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |